P
US5754656AExpiredUtilityPatentIndex 95

Electronic shopping method, electronic shopping system and document authenticating method relating thereto

Assignee: HITACHI LTDPriority: Aug 4, 1995Filed: Aug 1, 1996Granted: May 19, 1998
Est. expiryAug 4, 2015(expired)· nominal 20-yr term from priority
Inventors:NISHIOKA MOTOTSUGUMIYAZAKI SATOSHI
G06Q 20/401G06Q 20/388G06Q 20/3674H04L 63/12G06Q 20/10H04L 63/123G06Q 20/085G06Q 30/06G06Q 20/3821G06Q 20/40G07F 7/00H04L 63/0428G06Q 20/02G06Q 20/383H04L 9/3234G06Q 20/102H04L 9/3236G06Q 30/0601G06Q 20/12H04L 2463/102H04L 9/3247H04L 2209/56G06Q 20/04G06Q 40/00G06Q 20/3829G06Q 20/367
95
PatentIndex Score
86
Cited by
7
References
11
Claims

Abstract

An electronic shopping method is provided by both an apparatus 10 and an apparatus 30 to hold a key K(A, C) in common, and both the apparatus 30 and an apparatus 40 to hold a key K(B, C) in common. The apparatus 10 transmits a cipher text C1 which is obtained by enciphering a written order P of the products to be purchased using a key K, a cipher text C2 which is obtained by enciphering the key K using the key K(A, C), and authentication information C3 relating to a part P2 of the written order P to the apparatus 30 and the like. The apparatus 40 deciphers the key K on the basis of the cipher text C2, transmits a cipher text C4 which is obtained by enciphering the key K using the key K(B, C) to the apparatus 30. The apparatus 30 deciphers the key K on the basis of the cipher text C4, deciphers the written order P on the basis of the cipher text C1, authenticates the part P2by referring the authentication information C3, and transmits a fifth cipher text C5 which is obtained by enciphering the authentication information C3 and the part P2 using the key K(B, C) to the apparatus 40. The apparatus 40 deciphers the part P2, and authenticates the part P2 by referring to the authentication information C3.

Claims

exact text as granted — not AI-modified
We claim: 
     
       1. An electronic shopping method in which by using a communication network to which a first apparatus for being operated by a user, a second apparatus associated with a retail store for providing information with respect to products to be purchased by the user, and a third apparatus associated with a credit card company for paying the prices for the products purchased by the user are connected, the user operates said first apparatus so as to transmit a written order that the user purchases the desired products to said second apparatus, and said second apparatus transmits at least predetermined information of the written order of interest to said third apparatus, said method comprises that: both said first apparatus and said third apparatus hold a first key in common, and both said second apparatus and said third apparatus hold a second key in common;   said first apparatus calculates a first cipher text which is obtained by enciphering the written order exhibiting the products to be purchased using a third key selected at random, a second cipher text which is obtained by enciphering the third key using the first key, and authentication information relating to at least a predetermined part of the written order, and then transmits the first cipher text, the second cipher text and the authentication information to said second apparatus through said communication network;   said second apparatus transmits the second cipher text to said third apparatus;   said third apparatus deciphers the third key using the first key on the basis of the second cipher text, and calculates a third cipher text which is obtained by enciphering the resultant third key using the second key, and then transmits the third cipher text to said second apparatus through said communication network;   said second apparatus deciphers the third key using the second key on the basis of the third cipher text, and also deciphers the written order using the resultant third key on the basis of the first cipher text, and authenticates the predetermined part of the written order by referring to the authentication information, and calculates a four cipher text which is obtained by enciphering the predetermined part of the written order using the second key, and then transmits both the authentication information and the fourth cipher text to said third apparatus; and   said third apparatus deciphers the predetermined part of the written order using the second key on the basis of the fourth cipher text, and authenticates the predetermined part of the written order by referring to the authentication information.   
     
     
       2. An electronic shopping method according to claim 1, wherein the predetermined information of the written order is information to be notified to the credit card company, and the authentication information corresponds to a fifth cipher text which is obtained by enciphering the predetermined information using the first key by said first apparatus, and said third apparatus deciphers the predetermined information from the fourth cipher text using the second key, and also deciphers the predetermined information from the fifth cipher text using the first key, and judges whether or not the resultant two predetermined information matches each other, thereby authenticating the predetermined part of the written order.   
     
     
       3. An electronic shopping method in which by using a communication network to which a first apparatus for being operated by a user, a second apparatus associated with a retail store for providing information with respect to products to be purchased by the user, and a third apparatus associated with a credit card company for paying the prices for the products purchased by the user are connected, the user operates said first apparatus so as to transmit a written order that the user purchases the desired products to said second apparatus, and said second apparatus transmits at least predetermined information of the written order of interest to said third apparatus, said method comprises that: both said first apparatus and said third apparatus hold a first key in common, and both said second apparatus and said third apparatus hold a second key in common;   said first apparatus calculates a first cipher text which is obtained by enciphering the written order exhibiting the products to be purchased using a third key selected at random, a digital signature for the written order carried out by using a secret key associated with said first apparatus, and a second cipher text which is obtained by enciphering the third key using the first key, and then transmits the first cipher text, the digital signature and the second cipher text to said second apparatus through said communication network;   said second apparatus transmits the second cipher text to said third apparatus;   said third apparatus deciphers the third key using the first key on the basis of the second cipher text, and calculates a third cipher text which is obtained by enciphering the resultant third key using the second key, and then transmits the third cipher text to said second apparatus through said communication network;   said second apparatus deciphers the third key using the second key on the basis of the third cipher text, and also deciphers the written order using the resultant third key on the basis of the first cipher text, and confirms the legality of the digital signature using a public key associated with said first apparatus, thereby authenticating the written order, and calculates a fourth cipher text which is obtained by enciphering the written order using the second key, and then transmits both the digital signature and the fourth cipher text to said third apparatus; and   said third apparatus deciphers the written order using the second key on the basis of the fourth cipher text, and confirms the legality of the digital signature using the public key associated with said first apparatus, thereby authenticating the written order.   
     
     
       4. An electronic shopping method in which by using a communication network to which a first apparatus for being operated by a user, a second apparatus associated with a retail store for providing information with respect to products to be purchased by the user, and a third apparatus associated with a credit card company for paying the prices for the products purchased by the user are connected, the user operates said first apparatus so as to transmit a written order that the user purchases the desired products to said second apparatus, and said second apparatus transmits at least predetermined information of the written order of interest to said third apparatus, said method comprises that: both said first apparatus and said third apparatus hold a first key in common, and both said second apparatus and said third apparatus hold a second key in common;   said first apparatus calculates a first cipher text which is obtained by enciphering a third key selected at random using first information which is obtained by only said first apparatus, and then transmits the first cipher text to said second apparatus through said communication network;   said second apparatus calculates a second cipher text which is obtained by enciphering the first cipher text using second information which is obtained by only said second apparatus, and then transmits the second cipher text to said first apparatus;   said first apparatus calculates a third cipher text which is obtained by enciphering the written order exhibiting the products to be purchased using the first key, a fourth cipher text which is obtained by enciphering a cipher text, from which the influence of the first information is removed, using the first key, and a fifth cipher text which is obtained by enciphering at least predetermined information in the written order using the second key, and then transmits the third cipher text, the fourth cipher text and the fifth cipher text to said second apparatus through said communication network;   said second apparatus transmits the fourth cipher text to said third apparatus;   said third apparatus calculates a sixth cipher text, from which the influence of the first key is removed, from the fourth cipher text, and then transmits the sixth cipher text thus obtained to said second apparatus;   said second apparatus deciphers the third key by removing the influence of the second information on the basis of the sixth cipher text, and also deciphers the written order using the resultant third key on the basis of the third information, and calculates a seventh cipher text which is obtained by enciphering predetermined information in the written order using the second key, and then transmits both the fifth cipher text and the seventh cipher text to said third apparatus; and   said third apparatus deciphers the predetermined information using the second key on the basis of the seventh cipher text and also deciphers the predetermined information using the first key on the basis of the fifth information, and judges whether or not the resultant predetermined two information matches each other, thereby authenticating the predetermined part.   
     
     
       5. An electronic shopping method according to claim 4, wherein the first key, and a value (p-1) which is obtained by subtracting 1 from a prime number p as public information are prime each other; said first apparatus selects the third key K so as to fulfill the condition of 0≦K<p, and selects, as the first information, a first random number r fulfilling the condition of 0≦r<p-1, and calculates the first cipher text u=exp(K: r) mod p, where exp(a: x) represents a to the x-th power, using both the third key and the first information;   said second apparatus selects, as the second information, a second random number s fulfilling the condition of 0≦s<p, and calculates the second cipher text r=exp(u: s) mod p using the second information;   said first apparatus calculates the fourth cipher text w=exp(v: K(A, C)/r) mod p;   said third apparatus calculates the sixth cipher text w'=exp(w: 1/K(A, C)) mod p; and   said second apparatus deciphers the third key on the basis of an expression of K=exp(w': 1/s) mod p, and deciphers the written order using the resultant key.   
     
     
       6. An electronic shopping method in which by using a communication network to which a first apparatus for being operated by a user, a second apparatus associated with a retail store for providing information with respect to products to be purchased by the user, and a third apparatus associated with a credit card company for paying the prices for the products purchased by the user are connected, the user operates said first apparatus so as to transmit a written order that the user purchases the desired products to said second apparatus, and said second apparatus transmits at least predetermined information of the written order of interest to said third apparatus, said method comprises that: both said first apparatus and said third apparatus hold a first key in common, and both said second apparatus and said third apparatus hold a second key in common;   said first apparatus calculates a first cipher text which is obtained by enciphering a third key selected at random using first information which is obtained by only said first apparatus, and then transmits the first cipher text to said second apparatus through said communication network;   said second apparatus calculates a second cipher text which is obtained by enciphering the first cipher text using second information which is obtained by only said second apparatus, and then transmits the second cipher text thus obtained to said first apparatus;   said first apparatus calculates a third cipher text C3 which is obtained by enciphering the written order P=(P1, P2) including information P2 to be notified to a credit card company and information P1 other than the information P2 using the third key, and a fourth cipher text C4 which is obtained by enciphering a cipher text, which is obtained by removing the influence of the first information from the second cipher text C2, using the first key, and on the basis of a hash value f(h(P1), P2) which is calculated using both one way hash functions h(x) and f(x, y) as public information, and calculates a digital signature sgnA(P) for the hash value f(h(P1), P2) using a secret key associated with said first apparatus, and then transmits the third cipher text C3, the fourth cipher text C4 and the digital signature sgnA(P) to said second apparatus through said communication network;   said second apparatus transmits the fourth cipher text C4 to said third apparatus;   said third apparatus calculates a fifth cipher text C5 which is obtained by removing the influence of the first key from the fourth cipher text, and then transmits the fifth cipher text thus obtained to said second apparatus;   said second apparatus deciphers the third key by removing the influence of the second information on the basis of the fifth cipher text, and also deciphers the written order P using the resultant third key on the basis of the third information, and confirms the legality of the digital signature sgnA(P) using a public key associated with said first apparatus, thereby authenticating the written order P, and calculates a sixth cipher text C6 which is obtained by enciphering predetermined information P2 in the written order using the second key, and then transmits the sixth cipher text, the digital signature sgnA(P) and the hash value h(P1) to said third apparatus; and   said third apparatus deciphers the predetermined information P2 in the written order using the second key on the basis of the sixth cipher text, and confirms the legality of the digital signature sgnA(P) using the public key associated with said first apparatus, the hash value h(P1) and the predetermined information P2 in the written order, thereby authenticating the second information in the written order.   
     
     
       7. An electronic shopping method according to claim 6, wherein the first key, and a value (p-1) which is obtained by subtracting 1 from a prime number p as public information are prime each other; said first apparatus selects the third key K so as to fulfill the condition of 0≦K<p, and selects, as the first information, a first random number r fulfilling the condition of 0≦r<p-1, and calculates the first cipher text u=exp(K: r) mod p, where exp(a: x) represents a to the x-th power, using both the third key and the first information;   said second apparatus selects, as the second information, a second random number e fulfilling the condition of 0≦s<p, and calculates the second cipher text r=exp(u: s) mod p using the second information;   said first apparatus calculates the fourth cipher text w=exp(v: K(A, C)/r) mod p;   said third apparatus calculates the sixth cipher text w=exp(w: 1/K(A, C)) mod p; and   said second apparatus deciphers the third key on the basis of an expression of K=exp(w: 1/s) mod p, and deciphers the written order using the resultant key.   
     
     
       8. An electronic shopping method in which by using a communication network to which a first apparatus for being operated by a user, a second apparatus associated with a retail store for providing information with respect to products to be purchased by the user, and a third apparatus associated with a credit card company for paying the prices for the products purchased by the user are connected, the user operates said first apparatus so as to transmit a written order that the user purchases the desired products to said second apparatus, and said second apparatus transmits at least predetermined information of the written order of interest to said third apparatus, said method comprises that: both said second apparatus and said third apparatus hold a second key in common;   said first apparatus calculates a first cipher text u which is obtained by enciphering a third key K, which is selected at random so as to fulfill the condition of 0≦K<p using first information as a first random number r fulfilling the condition of 0≦r<p-1 on the basis of an expression of u=exp(K: r) mod p where exp(a: x) represents a to the x-th power, and then transmits the first cipher text to said second apparatus through said communication network;   said second apparatus calculates a second cipher text v which is obtained by enciphering the first cipher text using second information as a second random number s fulfilling the condition of 0≦s<p on the basis of an expression of v=exp(u: s) mod p, and then transmits the second cipher text to said first apparatus;   said first apparatus calculates a third cipher text C3 which is obtained by enciphering the written order P=(P1, P2) including predetermined information P2 to be notified to a credit card company and information P1 other than the predetermined information P2 using the third key, and a fourth cipher text w which is obtained by removing the influence of the first information from the second cipher text on the basis of an expression of w=exp(v: 1/r) mod p, and on the basis of a hash value g(f(h(P1), P2), v, I) which is calculated using the second cipher text v, identification information I and one way hash functions h(x), f(x, y) and g(x, y, z) as public information, and calculates a digital signature sgnA(P) for the hash value g(f(h(P1), P2), v, I) using a secret key associated with said first apparatus, and then transmits the fourth cipher text, the identification information and the digital signature to said second apparatus through said communication network;   said second apparatus deciphers the third key on the basis of an expression of K=exp(w: 1/s) mod p, and also deciphers the written order using the resultant third key, and confirms the legality of the digital signature sgnA(P) using a public key associated with said first apparatus, thereby authenticating the written order P, and calculates a fifth cipher text which is obtained by enciphering the predetermined information P2 in the written order using the second key, and then transmits the fifth cipher text, the digital signature sgnA(P), the hash value h(P1) and the identification information I to the third apparatus; and   said third apparatus deciphers the predetermined information P2 in the written order using the second key on the basis of the fifth cipher text, and confirms the legality of the digital signature sgnA(P) using the public key associated with said first apparatus, the hash value h(P1), and the predetermined information P2 in the written order, thereby authenticating the predetermined information in the written order.   
     
     
       9. An electronic shopping method in which by using a communication network to which a first apparatus for being operated by a user, a second apparatus associated with a retail store for providing information with respect to products to be purchased by the user, and a third apparatus associated with a credit card company for paying the prices for the products purchased by the user are connected, the user operates said first apparatus so as to transmit a written order that the user purchases the desired products to said second apparatus, and said second apparatus transmits at least predetermined information of the written order of interest to said third apparatus, said method comprises that: both said second apparatus and said third apparatus hold a second key in common;   said first apparatus calculates a first cipher text which is obtained by enciphering the written order P=(P1, P2) including predetermined information P2 to be notified to the credit card company and information P1 other than the predetermined information P2 using a third key selected at random and calculates a second cipher text w, which is defined by an expression of w=exp(K: eB) mod nB where exp(a: x) represents a to the x-th power, using a public key (eB, nB) associated with said second apparatus, and also calculates a digital signature sgnA(P) for a hash value f(h(P1), P2) using one way hash functions h(x) and f(x, y) as the public information and a secret key dA and a public key nA associated with said first apparatus in accordance with an expression of sgnA(P)=exp(f(h(P1), P2), dA) mod nA, and then transmits the resultant first cipher text, second cipher text and digital signature sgnA(P) to said second apparatus through said communication network;   said second apparatus deciphers the third key using a secret key dB associated with said second apparatus in accordance with an expression of K=exp(w: dB) mod nB, and also deciphers a document P using the resultant third key on the basis of the first cipher text, and confirms that an expression of f(h(P1), P2)=exp(sgnA(P): eA)(mod nA) is established using a public key (eA, nA) associated with said first apparatus, thereby authenticating the document P, and calculates a third cipher text which is obtained by enciphering predetermined information in the document P using the second key, and then transmits the third cipher text, the hash value h(P1) and the digital signature sgnA(P) to said third apparatus; and   said third apparatus deciphers the predetermined information in the written order using the second key on the basis of the third cipher text, and confirms that an expression of f(h(P1), P2)=exp(sgnA(P): eA)(mod nA) is established using the public key (eA, nA) associated with said first apparatus, thereby authenticating the predetermined information in the written order.   
     
     
       10. An electronic shopping system including a first apparatus for being operated by a user, a second apparatus associated with a retail store for providing information with respect to products to be purchased by the user, a third apparatus associated with a credit card company for paying the prices for the products purchased by the user, and a communication network to which said first, second and third apparatuses are connected, the user operating said first apparatus so as to transmit a written order that the user purchases the desired products to said second apparatus, said second apparatus transmitting at least predetermined information of the written order to said third apparatus, both said first apparatus and said third apparatus holding a first key in common, both said second apparatus and said third apparatus holding a second key in common, said first apparatus including first enciphering/deciphering means for enciphering desired information using both the first key and a third key selected at random or deciphering the enciphered information on the basis of predetermined information, and first transmission/reception means for transmitting/receiving information to/from said second apparatus, said second apparatus including second enciphering/deciphering means for enciphering predetermined information using the second key or deciphering the enciphered information on the basis of predetermined information, and second transmission/reception means for transmitting/receiving information to/from said first apparatus and said third apparatus, said third apparatus including third enciphering/deciphering means for enciphering predetermined information using both the first key and the second key or deciphering the enciphered information on the basis of predetermined information, and third transmission/reception means for transmitting/receiving predetermined information to/from said second apparatus, wherein: said first enciphering/deciphering means of said first apparatus produces a first cipher text which is obtained by enciphering the written order exhibiting the products to be purchased by the user using the third key selected at random, and a second cipher text which is obtained by enciphering the third key using the first key;   said third enciphering/deciphering means of said third apparatus deciphers the third key using the first key on the basis of the received second cipher text, and calculates a third cipher text which is obtained by enciphering the resultant third key using the second key; and   said second enciphering/deciphering means of said second apparatus deciphers the third key using the second key on the basis of the third cipher text and also deciphers the written order using the resultant third key on the basis of the first cipher text, thereby obtaining the written order, and wherein said first means includes authentication information calculating means for calculating authentication information relating to at least a predetermined part of the written order;   said second apparatus includes verification means for verifying the legality of the predetermined part of the written order by referring to the received authentication information, and calculates a fourth cipher text which is obtained by enciphering the predetermined part of the written order, which is obtained by the operation of said second enciphering/deciphering means, using the second key; and   said third apparatus deciphers the predetermined part of the written order using the second key on the basis of the fourth cipher text, and authenticates the predetermined part of the written order by referring to the authentication information.     
     
     
       11. A document authenticating method in which a digital signature for a certain document P is calculated using a secret key associated with a signature producing person, and at least a plurality of signature verifiers confirm the legality of the digital signature using a public key associated with the signature producing person, thereby authenticating the document P, said method comprises that: on the side of the signature producing person, a hash value f(h(P1), P2) for the document P=(P1, P2) containing a first part P1 and a second part P2 is calculated using one way hash functions h(x) and f(x, y) as public information, and a digital signature sgnA(P) for the hash value f(h(P1), P2) is calculated using a secret key associated with the signature producing person, and both the document and the digital signature sgnA(P) are transmitted to the side of the signature verifiers;   on the side of a first signature verifier, the legality of the digital signature sgnA(P) is confirmed using both a public key associated with the signature producing person and the document P, thereby authenticating the document P;   the hash value h(P1), the second part P2 and the digital signature sgnA(P) are supplied to the side of a second signature verifier; and   on the side of the second signature verifier, the legality of the digital signature sgnA(P) is confirmed using the public key associated with the signature producing person, the hash value h(P1) and the second part P2 in the document P, thereby authenticating

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.